Back to search
CVE-2005-2119
Published: Oct 11, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorrect size value that is provided to the NdrAllocate function, which writes management data to memory outside of the allocated buffer.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
17161
third-party-advisory
x_refsource_SECUNIA
MS05-051
vendor-advisory
x_refsource_MS
1015037
vdb-entry
x_refsource_SECTRACK
http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf
x_refsource_CONFIRM
oval:org.mitre.oval:def:1452
vdb-entry
signature
x_refsource_OVAL
VU#180868
third-party-advisory
x_refsource_CERT-VN
oval:org.mitre.oval:def:1071
vdb-entry
signature
x_refsource_OVAL
17223
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:551
vdb-entry
signature
x_refsource_OVAL
73
third-party-advisory
x_refsource_SREASON
18828
vdb-entry
x_refsource_OSVDB
17172
third-party-advisory
x_refsource_SECUNIA
15056
vdb-entry
x_refsource_BID
17509
third-party-advisory
x_refsource_SECUNIA
AD20051011b
third-party-advisory
x_refsource_EEYE
TA05-284A
third-party-advisory
x_refsource_CERT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now